Paul's Security Weekly

Subscribe

Paul’s Security Weekly #744

Full episode and show notes

Segments

PSW #741 – Robert Lee & Saumil Shah

This week, we kick off the show with an interview featuring Robert Lee, where we discuss The Year in Cyber Review 2021! In the second segment, we interview Saumil Shah, where we talk about Firmware Security! Then, in the Security News: Singapore launches safety rating system for e-commerce sites, Watch Out for Zyxel Firewalls RCE Vulnerability, New Bluetooth hack that can unlock your Tesla, Hackers Compromise a String of NFT Discord Channels, a pentester’s attempt to be ‘as realistic as possible’ backfires, & more!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/secweekly

Like us on Facebook: https://www.facebook.com/secweekly

Full episode and show notes

Segments

PSW #740 – Fleming Shi

This week, we kick off the show with an interview featuring Fleming Shi, where we discuss Destructive Malware and Other Threats to Watch! Then, in the Security News: Colonial Pipeline facing $1,000,000 fine, cybercrime tracking bill signed into law, Lincoln College Set to Close After Crippling Cyberattack, Nvidia’s LHR limiter bypassed, & North Carolina Becomes the First State to Prohibit Public Entities from Paying Ransoms, & more!

This segment is sponsored by Barracuda Networks.

Visit https://securityweekly.com/barracuda to learn more about them!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Full episode and show notes

Segments

PSW #739 – Fatih Karayumak

This week, we kick off the show with an interview featuring Fatih Karayumak, where we discuss Risk Transfer With Engineering Based Cyber Insurance! Then, in the Security News for this week: Lessons from Star Wars on threats, more than just your thermal exhaust port, Pegasus spotted again, Python replaces JavaScript?, Read-Only containers, no problem for malware, breaking out of captive portals, its always DNS, except when its not DNS, but this time its DNS and uClibc, you are ordered to block these sites, ransomeware still hurts, DoD contractors remain vulnerable, hiding in network appliances, QUIETEXIT, & more!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Full episode and show notes

Segments

PSW #738 – Michael Aminov & Marcus Sachs

This week, we start the show off with an interview with Michael Aminov, Founder & Chief Architect at Perception Point to discuss Security Blind Spots: Are You Protected? An interview featuring Marcus Sachs, the Deputy Director for Research at McCrary Institute for Cyber and Critical Infrastructure Security where we discuss Crypto Collecting! Finally, in the Security News for this week: Java’s “psychic paper”, Musk’s plans for Twitter’s algorithm, Bossware, What Google is getting wrong about expired domains, & NFT Tweet Auctions!

Segment Resources:

Request a demo and get a FREE coffee on us: https://hubs.la/Q0156lpK0

This segment is sponsored by Perception Point.

Visit https://securityweekly.com/perceptionpoint to learn more about them!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Full episode and show notes

Segments

PSW #737 – Capt. John Alfred & Thomas Lonardo

This week on Paul's Security Weekly, an interview with Captain John Alfred retired from the Rhode Island State Police. Second up is a discussion with Tom Lonardo, John Alfred, and the hosts to talk about privacy in your organization, the GDPR, the CFA, and other topics in relation to the long arm of the law. In the Security News: Logitech’s Lift is a vertical mouse that’s easier to grasp, CISA warns of attackers now exploiting Windows Print Spooler bug, Google tracked 58,exploited zero-day security holes in 2021, For Russian tech firms, QNAP urges customers to disable UPnP port forwarding on routers Putin’s crackdown ended their global ambitions, & Hackers can infect over 100 Lenovo models with unremovable malware. Are you patched?

Visit https://www.securityweekly.com/psw for all the latest episodes!

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Full episode and show notes

Segments

PSW #736 – Mike Wilkes & Amanda Berlin

This week, we start the show off with an interview Mike Wilkes, Chief Information Security Officer at SecurityScorecard, for an interview about Third Party Risk Management! An interview featuring Amanda Berlin, Lead Incident Detection Engineer at Blumira! Finally, in the Security News for this week: Microsoft Zero-Days, Former Ethereum Developer Virgil Griffith Sentenced to 5+ Years in Prison for North Korea Trip, Chinese hackers are using VLC media player to launch malware, An update to Raspberry Pi OS Bullseye, Bearded Barbie hackers catfish high ranking Israeli officials & more! All that and more, on this episode of Paul’s Security Weekly!

Visit https://securityweekly.com/securityscorecard to learn more about them!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Full episode and show notes

Segments

PSW #735 – Sean Metcalf & Jay Beale

This week, we start the show off with an interview Sean Metcalf, the Founder & CTO of Trimarc, where we talk “Active Directory, Azure AD, & Okta Oh My!” An interview featuring featuring Jay Beale, the CEO of InGuardians, about Kubernetes & Container security! Finally, in the Security News for this week: Ransomeware that was a breeze, getting an eyeful while charging your electric vehicle, scanning for secrets, find my iphone is useful, WTF Apple moments and why I run Linux, Wyze is not very wise, stopping teen hackers, and ranking endpoint detection! All that and more, on this episode of Paul’s Security Weekly!

Segment Resources:

-Peirates, a Kubernetes penetration testing tool:

https://www.inguardians.com/peirates/

-Free Kubernetes workshops:

https://inguardians.com/kubernetes/

-DEF CON Kubernetes CTF

https://containersecurityctf.com/

-Jay's Black Hat Kubernetes Attack and Defense Training

https://www.blackhat.com/us-22/training/schedule/index.html#abusing-and-protecting-kubernetes-linux-and-containers-26473

Visit https://www.securityweekly.com/psw for all the latest episodes!

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Full episode and show notes

Segments

PSW #734 – Mark Boltz-Robinson, Hanine Salem

This week, we start the show off with an interview featuring Mark Boltz-Robinson, the Manager of the ADRP Team at Trellix, about the State of the SOC today! Next up, we welcome Dr. Hanine Salem, a Managing Partner at Novus Consulting Group, to discuss K-12 Cybersecurity Attacks!! Finally, in the Security News: Military intelligence, Chrome updates, an exploit for the firewall, racing the kernel, creepy spyware goes away(?), weaponizing security complexity, same old tricks, the largest crypto hack, suing journalists, targeting your battery backup, the teenager behind Lapsus$, spring exploits just in time for spring, & hacking your Honda Civic!

Segment Resources:

http://www.securitybsides.com

https://www.bsidesdc.org

Visit https://www.securityweekly.com/psw for all the latest episodes!

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Full episode and show notes

Segments

PSW #733 – Stephen Ward, & David Kennedy

This week, we start the show off with an interview featuring Stephen Ward, the CMO of Source Defense, about Exposing the Shadows: Managing Shadow Code and the Blind Side in 3rd Party Risk! Next up, we jump into the Security News for this week: insiders inside NASA, BIND is in a bind again, Lapsus$ is on a tear, ripping at Microsoft and Okta, anonymous hacks printers, The UEFI security rabbit hole goes DEEP, Microtik and Tickbot, Browser-in-the-Browser attacks, Nestle gets attacked for not wanting to hurt babies, & just another sabotage! Finally, a pre-recorded interview featuring Dave Kennedy, where we discuss TrevorC2!

Segment Resources:

Our core whitepaper

https://info.sourcedefense.com/event/client-side-white-paper-2022?leadsource=White%20Paper

Blog on the blind side topic

https://sourcedefense.com/resources/blog/wheres-the-blind-side-in-your-3rd-party-risk-its-on-the-client-side/

Free risk report on attendee's web properties

https://sourcedefense.com/check-your-exposure/

This segment is sponsored by Source Defense.

Visit https://securityweekly.com/sourcedefense to learn more about them!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Full episode and show notes

Segments

About

If you’re looking for a bunch of us security nerds to get together and talk shop, then Paul’s Security Weekly is for you. This show features interviews with folks in the security community; technical segments, which are just that, very technical; and security news, which is an open discussion forum for the hosts to express their opinions about the latest security headlines, breaches, new exploits and vulnerabilities, “not” politics, “cyber” policies and more. The topics vary greatly and the atmosphere is relaxed and very conversational. This is a longer show, typically 2+ hours, for those with a long commute.

prestitial ad